Universal One-way Hash Function
   HOME
*





Universal One-way Hash Function
In cryptography a universal one-way hash function (UOWHF, often pronounced "woof"), is a type of universal hash function of particular importance to cryptography. UOWHF's are proposed as an alternative to collision-resistant hash functions (CRHFs). CRHFs have a strong collision-resistance property: that it is hard, given randomly chosen hash function parameters, to find any collision of the hash function. In contrast, UOWHFs require that it be hard to find a collision where one preimage is chosen independently of the hash function parameters. The primitive was suggested by Moni Naor and Moti Yung and is also known as "target collision resistant" hash functions; it was employed to construct general digital signature schemes without trapdoor functions, and also within chosen-ciphertext secure public key encryption schemes. The UOWHF family contains a finite number of hash functions with each having the same probability of being used. Definition The security property of a UOWHF is ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Cryptography
Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or ''-logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adversarial behavior. More generally, cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, information security, electrical engineering, digital signal processing, physics, and others. Core concepts related to information security ( data confidentiality, data integrity, authentication, and non-repudiation) are also central to cryptography. Practical applications of cryptography include electronic commerce, chip-based payment cards, digital currencies, computer passwords, and military communications. Cryptography prior to the modern age was effectively synonymo ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Universal Hashing
In mathematics and computing, universal hashing (in a randomized algorithm or data structure) refers to selecting a hash function at random from a family of hash functions with a certain mathematical property (see definition below). This guarantees a low number of collisions in expectation, even if the data is chosen by an adversary. Many universal families are known (for hashing integers, vectors, strings), and their evaluation is often very efficient. Universal hashing has numerous uses in computer science, for example in implementations of hash tables, randomized algorithms, and cryptography. Introduction Assume we want to map keys from some universe U into m bins (labelled = \). The algorithm will have to handle some data set S \subseteq U of , S, =n keys, which is not known in advance. Usually, the goal of hashing is to obtain a low number of collisions (keys from S that land in the same bin). A deterministic hash function cannot offer any guarantee in an adversarial sett ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Cryptographic Hash Function
A cryptographic hash function (CHF) is a hash algorithm (a map of an arbitrary binary string to a binary string with fixed size of n bits) that has special properties desirable for cryptography: * the probability of a particular n-bit output result (hash value) for a random input string ("message") is 2^ (like for any good hash), so the hash value can be used as a representative of the message; * finding an input string that matches a given hash value (a ''pre-image'') is unfeasible, unless the value is selected from a known pre-calculated dictionary (" rainbow table"). The ''resistance'' to such search is quantified as security strength, a cryptographic hash with n bits of hash value is expected to have a ''preimage resistance'' strength of n bits. A ''second preimage'' resistance strength, with the same expectations, refers to a similar problem of finding a second message that matches the given hash value when one message is already known; * finding any pair of different messa ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


picture info

Preimage
In mathematics, the image of a function is the set of all output values it may produce. More generally, evaluating a given function f at each element of a given subset A of its domain produces a set, called the "image of A under (or through) f". Similarly, the inverse image (or preimage) of a given subset B of the codomain of f, is the set of all elements of the domain that map to the members of B. Image and inverse image may also be defined for general binary relations, not just functions. Definition The word "image" is used in three related ways. In these definitions, f : X \to Y is a function from the set X to the set Y. Image of an element If x is a member of X, then the image of x under f, denoted f(x), is the value of f when applied to x. f(x) is alternatively known as the output of f for argument x. Given y, the function f is said to "" or "" if there exists some x in the function's domain such that f(x) = y. Similarly, given a set S, f is said to "" if there exi ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Moni Naor
Moni Naor ( he, מוני נאור) is an Israeli Israeli may refer to: * Something of, from, or related to the State of Israel * Israelis, citizens or permanent residents of the State of Israel * Modern Hebrew, a language * ''Israeli'' (newspaper), published from 2006 to 2008 * Guni Israeli ... computer scientist, currently a professor at the Weizmann Institute of Science. Naor received his Ph.D. in 1989 at the University of California, Berkeley. His advisor was Manuel Blum. He works in various fields of computer science, mainly the foundations of cryptography. He is notable for initiating research on public key systems secure against chosen ciphertext attack and creating Malleability (cryptography), non-malleable cryptography, visual cryptography (with Adi Shamir), and suggesting various methods for verifying that users of a computer system are human (leading to the notion of CAPTCHA). His research on Small-bias sample space, give a general framework for combining small k- ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  




Moti Yung
Mordechai M. "Moti" Yung is a cryptographer and computer scientist known for his work on cryptovirology and kleptography. Career Yung earned his PhD from Columbia University in 1988 under the supervision of Zvi Galil. In the past, he worked at the IBM Thomas J. Watson Research Center, CertCo, RSA Laboratories, and Google. In 2016, Yung moved from Google to Snap Inc. Yung is currently a research scientist at Google. Yung is an adjunct senior research faculty member at Columbia University, and has co-advised PhD students including Gödel Prize winner Matthew K. Franklin, Jonathan Katz, and Aggelos Kiayias. Research Yung research covers primarily the area of cryptography and its applications to information security and data privacy. He has worked on defining and implementing malicious (offensive) cryptography: cryptovirology and kleptography, and on various other foundational and applied fields of cryptographic research, including: user and entity electronic authentication, infor ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Cramer–Shoup Cryptosystem
The Cramer–Shoup system is an asymmetric key encryption algorithm, and was the first efficient scheme proven to be secure against adaptive chosen ciphertext attack using standard cryptographic assumptions. Its security is based on the computational intractability (widely assumed, but not proved) of the decisional Diffie–Hellman assumption. Developed by Ronald Cramer and Victor Shoup in 1998, it is an extension of the ElGamal cryptosystem. In contrast to ElGamal, which is extremely malleable, Cramer–Shoup adds other elements to ensure non-malleability even against a resourceful attacker. This non-malleability is achieved through the use of a universal one-way hash function and additional computations, resulting in a ciphertext which is twice as large as in ElGamal. Adaptive chosen ciphertext attacks The definition of security achieved by Cramer–Shoup is formally termed " indistinguishability under adaptive chosen ciphertext attack" (IND-CCA2). This security definition is ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]  


Preimage Attack
In cryptography, a preimage attack on cryptographic hash functions tries to find a message that has a specific hash value. A cryptographic hash function should resist attacks on its preimage (set of possible inputs). In the context of attack, there are two types of preimage resistance: * ''preimage resistance'': for essentially all pre-specified outputs, it is computationally infeasible to find any input that hashes to that output; i.e., given , it is difficult to find an such that . * ''second-preimage resistance'': for a specified input, it is computationally infeasible to find another input which produces the same output; i.e., given , it is difficult to find a second input such that . These can be compared with a collision resistance, in which it is computationally infeasible to find any two distinct inputs , that hash to the same output; i.e., such that . Collision resistance implies second-preimage resistance, but does not guarantee preimage resistance. Conversely, a s ...
[...More Info...]      
[...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]